What are the key statistics your enterprise needs to know when selecting a SIEM solution? How do these statistics describe the threat landscape facing your cybersecurity?
In 2018, Switchfast Technologies unveiled a disturbing fact: 60 percent of small to medium-sized businesses (SMBs) go out of business after a data breach. In fact, they could go out of business six months after a data breach. This statistic should guide enterprises when selecting a SIEM solution.
However, even in that study, Switchfast discovered worrying gaps in cybersecurity awareness. 51 percent of small business leaders and 35 percent of employees say they don’t believe cybercriminals would target them.
This kind of complacency could seriously impact your enterprise’s cybersecurity. Instead of giving in, you need to start selecting a SIEM solution that fits with the threat landscape. As such, here are key statistics to know when selecting a SIEM solution for your enterprise.
Key Statistics To Know When Selecting a SIEM Solution
First, we must understand the stakes. In addition to the above findings by Switchfast, Willis Towers Watson and ESI ThoughtLab found enterprises lose $4.7 million to cybercriminals annually. 10 percent lose more than $10 million.
What vulnerabilities do you face? Where do they come from?
In their “The Anatomy of Shadow Mining” report, Exabeam found 57 percent of respondents remain unfamiliar with cryptojacking. 47 percent don’t feel confident about detecting or preventing cryptojacking or shadow mining with their current cybersecurity policies.
In their 2019 Incident Response Report, BAE Systems Applied Intelligence discovered 71 percent of enterprises surveyed experienced a phishing incident. Also, 66 percent of enterprises respond to between 1 and 25 cybersecurity incidents per month. 23 percent of incident response teams don’t conduct readiness exercises with their senior management.
According to the Verizon 2019 Data Breach, ransomware constitutes almost 24 percent of security incidents. External threat actors contribute 69 percent of all breaches, while insider threats contribute to 34 percent.
Of course, that 34 percent might prove far more dangerous than you’d expect. Gurucul and their Insider Threat Survey found over 70 percent of all enterprises have a vulnerability to insider threats.
Meanwhile, 40 percent of enterprise IT security professionals said they can’t detect an insider threat as it moves data through or out of the network. Only 26 percent of enterprises can detect an insider threat before data exfiltration.
Cybersecurity professionals spend 25 percent of their time dealing with false positives; this comes from studies by SIEM provider Exabeam and the Ponemon Institute. A next-generation SIEM solution can help mitigate false positives through contextualization and threat intelligence.
Additionally, 46 percent of participants security operations centers (SOCs) complain of slight understaffing. SIEM solutions can help supplement SOCs and security professionals through automation.
Other Statistics to Know When Selecting a SIEM Solution
According to Imperva, web application security vulnerabilities increased by 23 percent compared to 2017. Additionally, Positive Technologies found 77 percent of applications, 74 percent had authentication issues, 53 percent had access control flaws.
Moreover, FireMon recently released its first-ever State of Hybrid Cloud Security Survey. In it, they found 60 percent of InfoSec professionals believe their enterprise’s cloud initiatives move faster than their security.
44 percent of enterprises place the responsibility for cloud security outside the IT security team. 50 percent of cybersecurity professionals said less than 25 percent of their security budget goes to cloud security.
How to Learn More
You can learn more about selecting a SIEM solution for your enterprise with our 2019 SIEM Buyer’s Guide. Here, we explore the top solution providers and their key capabilities; we even provide a Bottom Line analysis for each. Also, in our SIEM Vendor Map, we compare the vendors in their Log Management, Threat Detection, and Compliance.
Latest posts by Ben Canner (see all)
- 5 Key Security Analytics Capabilities for Security Operations Centers - October 17, 2019
- 40 Percent of Security Practitioners Don’t Report to the Board - October 15, 2019
- What Do SIEM Components Actually Do For Enterprises? - October 10, 2019